@sphereon/ssi-sdk-ext.jwt-service 0.24.1-next.97 → 0.24.1-unstable.111
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +73 -374
- package/dist/agent/JwtService.d.ts +1 -0
- package/dist/agent/JwtService.d.ts.map +1 -1
- package/dist/agent/JwtService.js +7 -1
- package/dist/agent/JwtService.js.map +1 -1
- package/dist/functions/index.d.ts +17 -3
- package/dist/functions/index.d.ts.map +1 -1
- package/dist/functions/index.js +142 -12
- package/dist/functions/index.js.map +1 -1
- package/dist/types/IJwtService.d.ts +33 -8
- package/dist/types/IJwtService.d.ts.map +1 -1
- package/dist/types/IJwtService.js +15 -3
- package/dist/types/IJwtService.js.map +1 -1
- package/package.json +13 -13
- package/plugin.schema.json +2412 -112
- package/src/agent/JwtService.ts +9 -1
- package/src/functions/index.ts +168 -16
- package/src/types/IJwtService.ts +59 -13
package/README.md
CHANGED
|
@@ -6,410 +6,109 @@
|
|
|
6
6
|
<br>
|
|
7
7
|
</h1>
|
|
8
8
|
|
|
9
|
-
A plugin that
|
|
10
|
-
|
|
11
|
-
as JWKs.
|
|
9
|
+
A plugin that can generate and verify JWTs. It can create/sign JWS in Compact, JSON General and JSON Flattened form as
|
|
10
|
+
specified in [RFC 7515](https://datatracker.ietf.org/doc/html/rfc7515)
|
|
12
11
|
|
|
13
|
-
Currently, it supports the following
|
|
12
|
+
Currently, it supports the following JWS forms:
|
|
14
13
|
|
|
15
|
-
-
|
|
16
|
-
-
|
|
17
|
-
-
|
|
18
|
-
- X.509 certificate chains
|
|
14
|
+
- JWS Compact Form
|
|
15
|
+
- JWS Json General
|
|
16
|
+
- JWS Json Flattened (1 signature)
|
|
19
17
|
|
|
20
|
-
|
|
18
|
+
The plugin is using
|
|
19
|
+
the [Universal Identifier Resolution](https://github.com/Sphereon-Opensource/SSI-SDK-crypto-extensions/tree/develop/packages/identifier-resolution)
|
|
20
|
+
module. Both for generating JWS JWTs as well as for verifying JWTs.
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
- OID4VCI Issuers
|
|
22
|
+
When signing a JWS it takes into account any x5c, kid or JWK value already present in the header, as well as the `iss`
|
|
23
|
+
value. When not present but a Managed Identifier is being provided, the signing service will take care of putting the
|
|
24
|
+
correct headers into the JWS.
|
|
26
25
|
|
|
27
|
-
|
|
28
|
-
be used for any and all identifier resolution.
|
|
26
|
+
# Creating/signing a JWS
|
|
29
27
|
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
28
|
+
The `jwtCreateJswCompactSignature` accepts a protected JWT header. You can put any JWT header properties in there.
|
|
29
|
+
The `payload` can either be a base64url payload, a `JwtPayload` object or a Buffer/Uint8arry. The method will take care
|
|
30
|
+
of any relevant conversions
|
|
33
31
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
Managed or internal identifiers, are identifiers that are being controlled by the agent. This means the agent either has
|
|
37
|
-
access to the private key, or is using a hardware protected mechanism with access to the private key. All of the managed
|
|
38
|
-
methods return both a JWK managed by the agent, an IKey instance, which is the internal key representations, as well as
|
|
39
|
-
a kmsKeyRef allowing you to retrieve the key easily later.
|
|
40
|
-
|
|
41
|
-
Read an identifier by IIdentifier object or DID (or did URL)
|
|
42
|
-
|
|
43
|
-
### DIDs and IIdentifiers
|
|
32
|
+
The `issuer` object allows you to provide a managed identifier
|
|
44
33
|
|
|
45
34
|
```typescript
|
|
46
|
-
const
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
resolution = await agent.identifierManagedGet({
|
|
56
|
-
identifier:
|
|
57
|
-
'did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0',
|
|
58
|
-
})
|
|
59
|
-
// This is the same as above, but with the benefit of having fully typed response, instead of a union
|
|
60
|
-
resolution = await agent.identifierManagedGetByDid({
|
|
61
|
-
identifier:
|
|
62
|
-
'did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0',
|
|
35
|
+
const publicKeyHex = '037fcdce2770f6c45d4183cbee6fdb4b7b580733357be9ef13bacf6e3c7bd15445'
|
|
36
|
+
const kid = publicKeyHex
|
|
37
|
+
|
|
38
|
+
const example = await agent.jwtCreateJwsCompactSignature({
|
|
39
|
+
// Example payloads from IETF spec
|
|
40
|
+
issuer: { identifier: kid, noIdentifierInHeader: true }, // do not update any header values with the provided identifier. Just use the identifier for signing
|
|
41
|
+
protectedHeader: { alg: 'ES256' },
|
|
42
|
+
payload: 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ',
|
|
63
43
|
})
|
|
64
44
|
```
|
|
65
45
|
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
```json
|
|
69
|
-
{
|
|
70
|
-
"method": "did",
|
|
71
|
-
"jwk": {
|
|
72
|
-
"alg": "ES256",
|
|
73
|
-
"kty": "EC",
|
|
74
|
-
"crv": "P-256",
|
|
75
|
-
"x": "GjhS83y2FihjbF38P_sMUKf935hVvMDsck0DgxxmC34",
|
|
76
|
-
"y": "SpVOGx5levQc5M_Y3eAM2ouhfFqtUsPzU__DAITX-hI",
|
|
77
|
-
"kid": "77_7PdYbkikec5AR6zSKVIxgNExChvuOLLULBwS6jwc"
|
|
78
|
-
},
|
|
79
|
-
"jwkThumbprint": "77_7PdYbkikec5AR6zSKVIxgNExChvuOLLULBwS6jwc",
|
|
80
|
-
"identifier": {
|
|
81
|
-
"did": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0",
|
|
82
|
-
"controllerKeyId": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0#0",
|
|
83
|
-
"keys": [
|
|
84
|
-
{
|
|
85
|
-
<snip>
|
|
86
|
-
"kms": "local"
|
|
87
|
-
}
|
|
88
|
-
],
|
|
89
|
-
"services": [],
|
|
90
|
-
"provider": "did:jwk"
|
|
91
|
-
},
|
|
92
|
-
"did": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0",
|
|
93
|
-
"controllerKeyId": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0#0",
|
|
94
|
-
"keys": [
|
|
95
|
-
{
|
|
96
|
-
<snip,
|
|
97
|
-
see
|
|
98
|
-
key
|
|
99
|
-
below>
|
|
100
|
-
}
|
|
101
|
-
],
|
|
102
|
-
"key": {
|
|
103
|
-
"type": "Secp256r1",
|
|
104
|
-
"kid": "021a3852f37cb61628636c5dfc3ffb0c50a7fddf9855bcc0ec724d03831c660b7e",
|
|
105
|
-
"publicKeyHex": "021a3852f37cb61628636c5dfc3ffb0c50a7fddf9855bcc0ec724d03831c660b7e",
|
|
106
|
-
"kms": "local",
|
|
107
|
-
"meta": <snip>
|
|
108
|
-
},
|
|
109
|
-
"kmsKeyRef": "021a3852f37cb61628636c5dfc3ffb0c50a7fddf9855bcc0ec724d03831c660b7e"
|
|
110
|
-
}
|
|
111
|
-
```
|
|
112
|
-
|
|
113
|
-
### KMS Key reference, JWK Thumbprint
|
|
46
|
+
Verify the signature:
|
|
114
47
|
|
|
115
|
-
|
|
116
|
-
|
|
48
|
+
You can optionally provide a JWK if you want to use the JWK as a key for verification. Otherwise it will automacally
|
|
49
|
+
resolve the header params like x5c, kid (DID), JWK to perform the resolution with
|
|
50
|
+
the [Universal Identifier Resolution](https://github.com/Sphereon-Opensource/SSI-SDK-crypto-extensions/tree/develop/packages/identifier-resolution)
|
|
51
|
+
module
|
|
117
52
|
|
|
118
53
|
```typescript
|
|
119
|
-
|
|
120
|
-
resolution = await agent.identifierManagedGet({ identifier: '77_7PdYbkikec5AR6zSKVIxgNExChvuOLLULBwS6jwc' })
|
|
121
|
-
// This is the same as above, but with the benefit of having fully typed response, instead of a union
|
|
122
|
-
resolution = await agent.identifierManagedGetByKid({ identifier: '77_7PdYbkikec5AR6zSKVIxgNExChvuOLLULBwS6jwc' })
|
|
123
|
-
|
|
124
|
-
// KMS Key ref
|
|
125
|
-
resolution = await agent.identifierManagedGet({ identifier: '021a3852f37cb61628636c5dfc3ffb0c50a7fddf9855bcc0ec724d03831c660b7e' })
|
|
126
|
-
// This is the same as above, but with the benefit of having fully typed response, instead of a union
|
|
127
|
-
resolution = await agent.identifierManagedGetByKid({ identifier: '021a3852f37cb61628636c5dfc3ffb0c50a7fddf9855bcc0ec724d03831c660b7e' })
|
|
128
|
-
|
|
129
|
-
const jwk = {
|
|
130
|
-
alg: 'ES256',
|
|
54
|
+
const ietfJwk = {
|
|
131
55
|
kty: 'EC',
|
|
132
56
|
crv: 'P-256',
|
|
133
|
-
x: '
|
|
134
|
-
y: '
|
|
135
|
-
|
|
136
|
-
}
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
resolution = await agent.identifierManagedGetByJwk({ identifier: jwk })
|
|
142
|
-
```
|
|
143
|
-
|
|
144
|
-
## External Identifiers
|
|
145
|
-
|
|
146
|
-
We will use the example JWK above again, as that is an in memory construct, we can also resolve it like an external
|
|
147
|
-
identifier
|
|
148
|
-
|
|
149
|
-
### DIDs
|
|
150
|
-
|
|
151
|
-
```typescript
|
|
152
|
-
const did =
|
|
153
|
-
'did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiR2poUzgzeTJGaWhqYkYzOFBfc01VS2Y5MzVoVnZNRHNjazBEZ3h4bUMzNCIsInkiOiJTcFZPR3g1bGV2UWM1TV9ZM2VBTTJvdWhmRnF0VXNQelVfX0RBSVRYLWhJIn0'
|
|
154
|
-
|
|
155
|
-
resolution = await agent.identifierExternalResolve({ identifier: did })
|
|
156
|
-
// This is the same as above, but with the benefit of having fully typed response, instead of a union
|
|
157
|
-
resolution = await agent.identifierExternalResolveByDid({ identifier: did })
|
|
158
|
-
console.log(JSON.stringify(resolution, null, 2))
|
|
159
|
-
```
|
|
160
|
-
|
|
161
|
-
Results in the following JSON, with some properties removed for brevity
|
|
162
|
-
|
|
163
|
-
```json
|
|
164
|
-
{
|
|
165
|
-
"method": "did",
|
|
166
|
-
"did": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
167
|
-
"jwks": [
|
|
168
|
-
{
|
|
169
|
-
"jwk": {
|
|
170
|
-
"alg": "ES256",
|
|
171
|
-
"use": "sig",
|
|
172
|
-
"kty": "EC",
|
|
173
|
-
"crv": "P-256",
|
|
174
|
-
"x": "wdIEmfjmaZiGsub9Hffnhbr0xVVVmVLiUYLscgRt-3Y",
|
|
175
|
-
"y": "ept3ke4SslZb7ZbweWKmSaM3166ZuvecZ9ciKs6PDcw",
|
|
176
|
-
"kid": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
177
|
-
},
|
|
178
|
-
"jwkThumbprint": "gBT5We3eKcs3NNBAeJ40iPHbWvqAmY8C8L36rGwOAJk",
|
|
179
|
-
"kid": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
180
|
-
}
|
|
181
|
-
],
|
|
182
|
-
"didJwks": {
|
|
183
|
-
// These are the JWKs per verification method relationship. For a JWK this includes the above JWK, so we will not repeat it here
|
|
184
|
-
"verificationMethod": [
|
|
185
|
-
{
|
|
186
|
-
<snip>
|
|
187
|
-
}
|
|
188
|
-
],
|
|
189
|
-
"assertionMethod": [
|
|
190
|
-
{
|
|
191
|
-
<snip>
|
|
192
|
-
}
|
|
193
|
-
],
|
|
194
|
-
"authentication": [
|
|
195
|
-
{
|
|
196
|
-
<snip>
|
|
197
|
-
}
|
|
198
|
-
],
|
|
199
|
-
"keyAgreement": [],
|
|
200
|
-
"capabilityInvocation": [
|
|
201
|
-
{
|
|
202
|
-
<snip>
|
|
203
|
-
}
|
|
204
|
-
],
|
|
205
|
-
"capabilityDelegation": [
|
|
206
|
-
{
|
|
207
|
-
<snip>
|
|
208
|
-
}
|
|
209
|
-
]
|
|
210
|
-
},
|
|
211
|
-
"didDocument": {
|
|
212
|
-
"@context": [
|
|
213
|
-
"https://www.w3.org/ns/did/v1",
|
|
214
|
-
{
|
|
215
|
-
"@vocab": "https://www.iana.org/assignments/jose#"
|
|
216
|
-
}
|
|
217
|
-
],
|
|
218
|
-
"id": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
219
|
-
"verificationMethod": [
|
|
220
|
-
{
|
|
221
|
-
"id": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0",
|
|
222
|
-
"type": "JsonWebKey2020",
|
|
223
|
-
"controller": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
224
|
-
"publicKeyJwk": {
|
|
225
|
-
"alg": "ES256",
|
|
226
|
-
"use": "sig",
|
|
227
|
-
"kty": "EC",
|
|
228
|
-
"crv": "P-256",
|
|
229
|
-
"x": "wdIEmfjmaZiGsub9Hffnhbr0xVVVmVLiUYLscgRt-3Y",
|
|
230
|
-
"y": "ept3ke4SslZb7ZbweWKmSaM3166ZuvecZ9ciKs6PDcw",
|
|
231
|
-
"kid": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
232
|
-
}
|
|
233
|
-
}
|
|
234
|
-
],
|
|
235
|
-
"assertionMethod": [
|
|
236
|
-
"did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
237
|
-
],
|
|
238
|
-
"authentication": [
|
|
239
|
-
"did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
240
|
-
],
|
|
241
|
-
"capabilityInvocation": [
|
|
242
|
-
"did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
243
|
-
],
|
|
244
|
-
"capabilityDelegation": [
|
|
245
|
-
"did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0#0"
|
|
246
|
-
]
|
|
247
|
-
},
|
|
248
|
-
"didResolutionResult": {
|
|
249
|
-
"didDocumentMetadata": {},
|
|
250
|
-
"didResolutionMetadata": {
|
|
251
|
-
"contentType": "application/did+ld+json",
|
|
252
|
-
"pattern": "^(did:jwk:.+)$",
|
|
253
|
-
"did": {
|
|
254
|
-
"didString": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
255
|
-
"methodSpecificId": "eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
256
|
-
"method": "jwk"
|
|
257
|
-
}
|
|
258
|
-
}
|
|
259
|
-
},
|
|
260
|
-
"didParsed": {
|
|
261
|
-
"did": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
262
|
-
"method": "jwk",
|
|
263
|
-
"id": "eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0",
|
|
264
|
-
"didUrl": "did:jwk:eyJhbGciOiJFUzI1NiIsInVzZSI6InNpZyIsImt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4Ijoid2RJRW1mam1hWmlHc3ViOUhmZm5oYnIweFZWVm1WTGlVWUxzY2dSdC0zWSIsInkiOiJlcHQza2U0U3NsWmI3WmJ3ZVdLbVNhTTMxNjZadXZlY1o5Y2lLczZQRGN3In0"
|
|
265
|
-
}
|
|
266
|
-
}
|
|
267
|
-
```
|
|
268
|
-
|
|
269
|
-
### X.509 Certificate Chains
|
|
270
|
-
|
|
271
|
-
You can provide an optional verification time as well using a Date as value. By default the X5C will be fully verified,
|
|
272
|
-
unless the verification param is set to false.
|
|
273
|
-
|
|
274
|
-
```typescript
|
|
275
|
-
const sphereonCA = 'PEM or DER CERT'
|
|
276
|
-
const sphereonTest = 'PEM or DER CERT'
|
|
277
|
-
|
|
278
|
-
let resolution = await agent.identifierExternalResolve({
|
|
279
|
-
identifier: [sphereonTest, sphereonCA],
|
|
280
|
-
trustAnchors: [sphereonCA],
|
|
281
|
-
})
|
|
282
|
-
|
|
283
|
-
// This is the same as above, but with the benefit of having fully typed response, instead of a union
|
|
284
|
-
resolution = await agent.identifierExternalResolveByX5c({
|
|
285
|
-
identifier: [sphereonTest, sphereonCA],
|
|
286
|
-
trustAnchors: [sphereonCA],
|
|
57
|
+
x: 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU',
|
|
58
|
+
y: 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0',
|
|
59
|
+
// d: 'jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI',
|
|
60
|
+
} satisfies JWK
|
|
61
|
+
|
|
62
|
+
const result = await agent.jwtVerifyJwsSignature({
|
|
63
|
+
jws: example.jwt,
|
|
64
|
+
jwk: ietfJwk,
|
|
287
65
|
})
|
|
288
|
-
|
|
289
|
-
console.log(JSON.stringify(resolution, null, 2))
|
|
290
66
|
```
|
|
291
67
|
|
|
292
|
-
```
|
|
293
|
-
{
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
"verificationTime": "2024-08-13T13:28:16.457Z",
|
|
300
|
-
"certificateChain": [
|
|
68
|
+
```typescript
|
|
69
|
+
const result = {
|
|
70
|
+
critical: false,
|
|
71
|
+
error: false,
|
|
72
|
+
jws: {
|
|
73
|
+
payload: 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ',
|
|
74
|
+
signatures: [
|
|
301
75
|
{
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
"key_ops": ["verify"],
|
|
323
|
-
"ext": true,
|
|
324
|
-
"kty": "EC",
|
|
325
|
-
"x": "pyVHVR7IdgWmG_TLb3-K_4dg3XC6GQQWDB61Lna15ns",
|
|
326
|
-
"y": "OcVNCBD0kMmqEaKjbczwd2GvbV1AOxgE7AKsa3L0zxM",
|
|
327
|
-
"crv": "P-256"
|
|
76
|
+
identifier: {
|
|
77
|
+
jwk: {
|
|
78
|
+
crv: 'P-256',
|
|
79
|
+
kty: 'EC',
|
|
80
|
+
x: 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU',
|
|
81
|
+
y: 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0',
|
|
82
|
+
},
|
|
83
|
+
jwks: [
|
|
84
|
+
{
|
|
85
|
+
jwk: {
|
|
86
|
+
crv: 'P-256',
|
|
87
|
+
kty: 'EC',
|
|
88
|
+
x: 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU',
|
|
89
|
+
y: 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0',
|
|
90
|
+
},
|
|
91
|
+
jwkThumbprint: 'oKIywvGUpTVTyxMQ3bwIIeQUudfr_CkLMjCE19ECD-U',
|
|
92
|
+
publicKeyHex: '037fcdce2770f6c45d4183cbee6fdb4b7b580733357be9ef13bacf6e3c7bd15445',
|
|
93
|
+
},
|
|
94
|
+
],
|
|
95
|
+
method: 'jwk',
|
|
328
96
|
},
|
|
329
|
-
|
|
330
|
-
|
|
97
|
+
protected: 'eyJhbGciOiJFUzI1NiJ9',
|
|
98
|
+
signature: 'e4ZrhZdbFQ7630Tq51E6RQiJaae9bFNGJszIhtusEwzvO21rzH76Wer6yRn2Zb34VjIm3cVRl0iQctbf4uBY3w',
|
|
331
99
|
},
|
|
332
|
-
|
|
333
|
-
"issuer": {
|
|
334
|
-
"dn": {
|
|
335
|
-
"DN": "C=NL,O=Sphereon International B.V.,OU=IT,CN=ca.sphereon.com",
|
|
336
|
-
"attributes": {
|
|
337
|
-
"C": "NL",
|
|
338
|
-
"O": "Sphereon International B.V.",
|
|
339
|
-
"OU": "IT",
|
|
340
|
-
"CN": "ca.sphereon.com"
|
|
341
|
-
}
|
|
342
|
-
}
|
|
343
|
-
},
|
|
344
|
-
"subject": {
|
|
345
|
-
"dn": {
|
|
346
|
-
"DN": "C=NL,O=Sphereon International B.V.,OU=IT,CN=ca.sphereon.com",
|
|
347
|
-
"attributes": {
|
|
348
|
-
"C": "NL",
|
|
349
|
-
"O": "Sphereon International B.V.",
|
|
350
|
-
"OU": "IT",
|
|
351
|
-
"CN": "ca.sphereon.com"
|
|
352
|
-
}
|
|
353
|
-
}
|
|
354
|
-
},
|
|
355
|
-
"publicKeyJWK": {
|
|
356
|
-
"key_ops": ["verify"],
|
|
357
|
-
"ext": true,
|
|
358
|
-
"kty": "EC",
|
|
359
|
-
"x": "SIDQp4RJI2s5yYIOBrxiwGRROCjBkbCq8vaf3UlSkAw",
|
|
360
|
-
"y": "dRSwvlVFdqdiLXnk2pQqT1vZnDG0I-x-iz2EbdsG0aY",
|
|
361
|
-
"crv": "P-256"
|
|
362
|
-
},
|
|
363
|
-
"notBefore": "2024-07-28T21:26:49.000Z",
|
|
364
|
-
"notAfter": "2034-07-28T21:26:49.000Z"
|
|
365
|
-
}
|
|
366
|
-
]
|
|
367
|
-
},
|
|
368
|
-
"issuerJWK": {
|
|
369
|
-
"key_ops": ["verify"],
|
|
370
|
-
"ext": true,
|
|
371
|
-
"kty": "EC",
|
|
372
|
-
"x": "pyVHVR7IdgWmG_TLb3-K_4dg3XC6GQQWDB61Lna15ns",
|
|
373
|
-
"y": "OcVNCBD0kMmqEaKjbczwd2GvbV1AOxgE7AKsa3L0zxM",
|
|
374
|
-
"crv": "P-256"
|
|
100
|
+
],
|
|
375
101
|
},
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
"key_ops": ["verify"],
|
|
380
|
-
"ext": true,
|
|
381
|
-
"kty": "EC",
|
|
382
|
-
"x": "pyVHVR7IdgWmG_TLb3-K_4dg3XC6GQQWDB61Lna15ns",
|
|
383
|
-
"y": "OcVNCBD0kMmqEaKjbczwd2GvbV1AOxgE7AKsa3L0zxM",
|
|
384
|
-
"crv": "P-256"
|
|
385
|
-
},
|
|
386
|
-
"kid": "CN=test123.test.sphereon.com",
|
|
387
|
-
"jwkThumbprint": "LlITYB6tlvSVtVrMtIEzrkkSQkMSoPslhQ3Rnk1x484"
|
|
388
|
-
},
|
|
389
|
-
{
|
|
390
|
-
"jwk": {
|
|
391
|
-
"key_ops": ["verify"],
|
|
392
|
-
"ext": true,
|
|
393
|
-
"kty": "EC",
|
|
394
|
-
"x": "SIDQp4RJI2s5yYIOBrxiwGRROCjBkbCq8vaf3UlSkAw",
|
|
395
|
-
"y": "dRSwvlVFdqdiLXnk2pQqT1vZnDG0I-x-iz2EbdsG0aY",
|
|
396
|
-
"crv": "P-256"
|
|
397
|
-
},
|
|
398
|
-
"kid": "C=NL,O=Sphereon International B.V.,OU=IT,CN=ca.sphereon.com",
|
|
399
|
-
"jwkThumbprint": "1wAefk4zZ8Q8cM-9djHoJhPUtKjVFLqG7u9VftVqulA"
|
|
400
|
-
}
|
|
401
|
-
],
|
|
402
|
-
"x5c": [
|
|
403
|
-
"MIIC1jCCAnygAwIBAgITALtvb+InWBtzJO3mAeQZIUBXbzAKBggqhkjOPQQDAjBaMQswCQYDVQQGEwJOTDEkMCIGA1UECgwbU3BoZXJlb24gSW50ZXJuYXRpb25hbCBCLlYuMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPY2Euc3BoZXJlb24uY29tMB4XDTI0MDgwNjIwMTYxMloXDTI0MTEwNDIyMTYxMlowJDEiMCAGA1UEAwwZdGVzdDEyMy50ZXN0LnNwaGVyZW9uLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKclR1UeyHYFphv0y29/iv+HYN1wuhkEFgwetS52teZ7OcVNCBD0kMmqEaKjbczwd2GvbV1AOxgE7AKsa3L0zxOjggFVMIIBUTAdBgNVHQ4EFgQUoWVOwL15ttB1YPUd0HgvYry0Z+UwHwYDVR0jBBgwFoAU5wfKXZVc+cig/s7jZEUegLMsMsEwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vZXUuY2VydC5lemNhLmlvL2NlcnRzL2RhYTFiNGI0LTg1ZmQtNGJhNC1iOTZiLTMzMmFkZDg5OWNlOS5jZXIwEwYDVR0lBAwwCgYIKwYBBQUHAwIwJAYDVR0RBB0wG4IZdGVzdDEyMy50ZXN0LnNwaGVyZW9uLmNvbTAOBgNVHQ8BAf8EBAMCB4AwYQYDVR0fBFowWDBWoFSgUoZQaHR0cDovL2V1LmNybC5lemNhLmlvL2NybC8yY2RmN2M1ZS1iOWNkLTQzMTctYmI1Ni0zODZkMjQ0MzgwZTIvY2FzcGhlcmVvbmNvbS5jcmwwCgYIKoZIzj0EAwIDSAAwRQIgThuggyhKePvRt5YEvfg6MD42N2/63L0ypw0vLZkM+zYCIQD+uInjqsfR6K/D+ebjuOAdhOyeD2nZAW29zN20WIQJsw==",
|
|
404
|
-
"MIICCDCCAa6gAwIBAgITAPMgqwtYzWPBXaobHhxG9iSydTAKBggqhkjOPQQDAjBaMQswCQYDVQQGEwJOTDEkMCIGA1UECgwbU3BoZXJlb24gSW50ZXJuYXRpb25hbCBCLlYuMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPY2Euc3BoZXJlb24uY29tMB4XDTI0MDcyODIxMjY0OVoXDTM0MDcyODIxMjY0OVowWjELMAkGA1UEBhMCTkwxJDAiBgNVBAoMG1NwaGVyZW9uIEludGVybmF0aW9uYWwgQi5WLjELMAkGA1UECwwCSVQxGDAWBgNVBAMMD2NhLnNwaGVyZW9uLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEiA0KeESSNrOcmCDga8YsBkUTgowZGwqvL2n91JUpAMdRSwvlVFdqdiLXnk2pQqT1vZnDG0I+x+iz2EbdsG0aajUzBRMB0GA1UdDgQWBBTnB8pdlVz5yKD+zuNkRR6AsywywTAOBgNVHQ8BAf8EBAMCAaYwDwYDVR0lBAgwBgYEVR0lADAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIHH7ie1OAAbff5262rzZVQa8J9zENG8AQlHHFydMdgaXAiEA1Ib82mhHIYDziE0DDbHEAXOs98al+7dpo8fPGVGTeKI="
|
|
405
|
-
]
|
|
102
|
+
message: 'Signature validated',
|
|
103
|
+
name: 'jws',
|
|
104
|
+
verificationTime: '2024-08-10T23:04:23',
|
|
406
105
|
}
|
|
407
106
|
```
|
|
408
107
|
|
|
409
108
|
### Installation
|
|
410
109
|
|
|
411
110
|
```shell
|
|
412
|
-
pnpm add @sphereon/ssi-sdk-ext.
|
|
111
|
+
pnpm add @sphereon/ssi-sdk-ext.jwt-service
|
|
413
112
|
```
|
|
414
113
|
|
|
415
114
|
### Build
|
|
@@ -10,5 +10,6 @@ export declare class JwtService implements IAgentPlugin {
|
|
|
10
10
|
private jwtCreateJwsJsonGeneralSignature;
|
|
11
11
|
private jwtCreateJwsJsonFlattenedSignature;
|
|
12
12
|
private jwtCreateJwsCompactSignature;
|
|
13
|
+
private jwtVerifyJwsSignature;
|
|
13
14
|
}
|
|
14
15
|
//# sourceMappingURL=JwtService.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtService.d.ts","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,
|
|
1
|
+
{"version":3,"file":"JwtService.d.ts","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EAQL,WAAW,EAUZ,MAAM,IAAI,CAAA;AAEX;;GAEG;AACH,qBAAa,UAAW,YAAW,YAAY;IAC7C,QAAQ,CAAC,MAAM,MAAqB;IACpC,QAAQ,CAAC,OAAO,EAAE,WAAW,CAM5B;YAEa,aAAa;YAIb,gCAAgC;YAIhC,kCAAkC;YAIlC,4BAA4B;YAK5B,qBAAqB;CAGpC"}
|
package/dist/agent/JwtService.js
CHANGED
|
@@ -16,12 +16,13 @@ const __1 = require("..");
|
|
|
16
16
|
*/
|
|
17
17
|
class JwtService {
|
|
18
18
|
constructor() {
|
|
19
|
-
this.schema = __1.schema.
|
|
19
|
+
this.schema = __1.schema.IJwtService;
|
|
20
20
|
this.methods = {
|
|
21
21
|
jwtPrepareJws: this.jwtPrepareJws.bind(this),
|
|
22
22
|
jwtCreateJwsJsonGeneralSignature: this.jwtCreateJwsJsonGeneralSignature.bind(this),
|
|
23
23
|
jwtCreateJwsJsonFlattenedSignature: this.jwtCreateJwsJsonFlattenedSignature.bind(this),
|
|
24
24
|
jwtCreateJwsCompactSignature: this.jwtCreateJwsCompactSignature.bind(this),
|
|
25
|
+
jwtVerifyJwsSignature: this.jwtVerifyJwsSignature.bind(this),
|
|
25
26
|
};
|
|
26
27
|
}
|
|
27
28
|
jwtPrepareJws(args, context) {
|
|
@@ -45,6 +46,11 @@ class JwtService {
|
|
|
45
46
|
return { jwt: yield (0, __1.createJwsCompact)(args, context) };
|
|
46
47
|
});
|
|
47
48
|
}
|
|
49
|
+
jwtVerifyJwsSignature(args, context) {
|
|
50
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
51
|
+
return yield (0, __1.verifyJws)(args, context);
|
|
52
|
+
});
|
|
53
|
+
}
|
|
48
54
|
}
|
|
49
55
|
exports.JwtService = JwtService;
|
|
50
56
|
//# sourceMappingURL=JwtService.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtService.js","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,
|
|
1
|
+
{"version":3,"file":"JwtService.js","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,0BAkBW;AAEX;;GAEG;AACH,MAAa,UAAU;IAAvB;QACW,WAAM,GAAG,UAAM,CAAC,WAAW,CAAA;QAC3B,YAAO,GAAgB;YAC9B,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,gCAAgC,EAAE,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC;YAClF,kCAAkC,EAAE,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC;YACtF,4BAA4B,EAAE,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1E,qBAAqB,EAAE,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;SAC7D,CAAA;IAsBH,CAAC;IApBe,aAAa,CAAC,IAAuB,EAAE,OAAyB;;YAC5E,OAAO,MAAM,IAAA,oBAAgB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAC9C,CAAC;KAAA;IAEa,gCAAgC,CAAC,IAAuB,EAAE,OAAyB;;YAC/F,OAAO,MAAM,IAAA,wBAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAClD,CAAC;KAAA;IAEa,kCAAkC,CAAC,IAA4B,EAAE,OAAyB;;YACtG,OAAO,MAAM,IAAA,0BAAsB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACpD,CAAC;KAAA;IAEa,4BAA4B,CAAC,IAA0B,EAAE,OAAyB;;YAC9F,oDAAoD;YACpD,OAAO,EAAE,GAAG,EAAE,MAAM,IAAA,oBAAgB,EAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAA;QACvD,CAAC;KAAA;IAEa,qBAAqB,CAAC,IAAmB,EAAE,OAAyB;;YAChF,OAAO,MAAM,IAAA,aAAS,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACvC,CAAC;KAAA;CACF;AA9BD,gCA8BC"}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
|
-
import { ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
|
|
2
|
-
import {
|
|
1
|
+
import { ExternalIdentifierDidOpts, ExternalIdentifierX5cOpts, IIdentifierResolution, ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
|
|
2
|
+
import { JWK } from '@sphereon/ssi-types';
|
|
3
|
+
import { IAgentContext } from '@veramo/core';
|
|
4
|
+
import { CreateJwsCompactArgs, CreateJwsFlattenedArgs, CreateJwsJsonArgs, IJwsValidationResult, IRequiredContext, Jws, JwsCompact, JwsIdentifierMode, JwsJsonFlattened, JwsJsonGeneral, JwsJsonGeneralWithIdentifiers, JwtHeader, PreparedJwsObject, VerifyJwsArgs } from '../types/IJwtService';
|
|
3
5
|
export declare const prepareJwsObject: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<PreparedJwsObject>;
|
|
4
6
|
export declare const createJwsCompact: (args: CreateJwsCompactArgs, context: IRequiredContext) => Promise<JwsCompact>;
|
|
5
7
|
export declare const createJwsJsonFlattened: (args: CreateJwsFlattenedArgs, context: IRequiredContext) => Promise<JwsJsonFlattened>;
|
|
@@ -13,9 +15,21 @@ export declare const createJwsJsonGeneral: (args: CreateJwsJsonArgs, context: IR
|
|
|
13
15
|
* @param context
|
|
14
16
|
*/
|
|
15
17
|
export declare const checkAndUpdateJwtHeader: ({ mode, identifier, header, noIdentifierInHeader, }: {
|
|
16
|
-
mode?:
|
|
18
|
+
mode?: JwsIdentifierMode;
|
|
17
19
|
identifier: ManagedIdentifierResult;
|
|
18
20
|
noIdentifierInHeader?: boolean;
|
|
19
21
|
header: JwtHeader;
|
|
20
22
|
}, context: IRequiredContext) => Promise<undefined>;
|
|
23
|
+
export declare const verifyJws: (args: VerifyJwsArgs, context: IAgentContext<IIdentifierResolution>) => Promise<IJwsValidationResult>;
|
|
24
|
+
export declare const toJwsJsonGeneral: ({ jws }: {
|
|
25
|
+
jws: Jws;
|
|
26
|
+
}, context: IAgentContext<any>) => Promise<JwsJsonGeneral>;
|
|
27
|
+
export declare const toJwsJsonGeneralWithIdentifiers: (args: {
|
|
28
|
+
jws: Jws;
|
|
29
|
+
jwk?: JWK;
|
|
30
|
+
opts?: {
|
|
31
|
+
x5c?: Omit<ExternalIdentifierX5cOpts, 'identifier'>;
|
|
32
|
+
did?: Omit<ExternalIdentifierDidOpts, 'identifier'>;
|
|
33
|
+
};
|
|
34
|
+
}, context: IAgentContext<IIdentifierResolution>) => Promise<JwsJsonGeneralWithIdentifiers>;
|
|
21
35
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,EAIrB,uBAAuB,EAExB,MAAM,6CAA6C,CAAA;AAGpD,OAAO,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAI5C,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAIhB,GAAG,EACH,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,cAAc,EACd,6BAA6B,EAE7B,SAAS,EAET,iBAAiB,EACjB,aAAa,EACd,MAAM,sBAAsB,CAAA;AAQ7B,eAAO,MAAM,gBAAgB,SAAgB,iBAAiB,gCAA8B,QAAQ,iBAAiB,CAoCpH,CAAA;AAED,eAAO,MAAM,gBAAgB,SAAgB,oBAAoB,gCAA8B,QAAQ,UAAU,CAGhH,CAAA;AAED,eAAO,MAAM,sBAAsB,SAAgB,sBAAsB,gCAA8B,QAAQ,gBAAgB,CAS9H,CAAA;AAED,eAAO,MAAM,oBAAoB,SAAgB,iBAAiB,gCAA8B,QAAQ,cAAc,CA4BrH,CAAA;AAED;;;;;;;GAOG;AAEH,eAAO,MAAM,uBAAuB,wDAM/B;IACD,IAAI,CAAC,EAAE,iBAAiB,CAAA;IACxB,UAAU,EAAE,uBAAuB,CAAA;IACnC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,MAAM,EAAE,SAAS,CAAA;CAClB,kDAsBF,CAAA;AAoID,eAAO,MAAM,SAAS,SAAgB,aAAa,WAAW,cAAc,qBAAqB,CAAC,KAAG,QAAQ,oBAAoB,CA4ChI,CAAA;AACD,eAAO,MAAM,gBAAgB,YAAmB;IAAE,GAAG,EAAE,GAAG,CAAA;CAAE,WAAW,cAAc,GAAG,CAAC,KAAG,QAAQ,cAAc,CAyBjH,CAAA;AAoCD,eAAO,MAAM,+BAA+B,SACpC;IACJ,GAAG,EAAE,GAAG,CAAA;IACR,GAAG,CAAC,EAAE,GAAG,CAAA;IACT,IAAI,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,KAAK,yBAAyB,EAAE,YAAY,CAAC,CAAC;QAAC,GAAG,CAAC,EAAE,KAAK,yBAAyB,EAAE,YAAY,CAAC,CAAA;KAAE,CAAA;CACpH,WACQ,cAAc,qBAAqB,CAAC,KAC5C,QAAQ,6BAA6B,CAYvC,CAAA"}
|